User/Kernel Protection Boundary
- Privileged mode/Kernel level: the OS kernel has privileged, direct hardware access
- Unprivileged mode/User level: applications
- The user-kernel switch is supported by hardware: trap
    - Privilege bit on the CPU: if it is not set, an attempt to perform a privileged operation is forbidden and causes a trap
    - Trap instructions: the application is interrupted and the hardware switches control to the OS. The OS then checks what caused the trap and decides whether to grant the access or terminate the process.
- System call:
    - the interface for interaction between the OS and applications
    - the OS exports a system call interface
    - Applications invoke it when they want the OS to perform a certain service or privileged access on their behalf.
        - open(file)
        - send(socket)
        - malloc(memory)
- Signals:
    - the OS passes information to the application

Switching the execution context between user mode and kernel mode is not a cheap operation.

To make a system call, an application must:
- write arguments: they can be passed directly or through their address
- save relevant data at a well-defined location
- make the system call using a system call number, which also determines how many arguments to retrieve
- Synchronous mode: the process waits until the system call completes
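
The steps above, as an added example that is not part of the original notes: a raw system call made by number through `syscall(2)`, with arguments passed by value and by address, and the kernel rejecting arguments it cannot validate. It assumes Linux with glibc; the function names are illustrative.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Send msg through a pipe with raw system calls; returns bytes read back or -1.
 * SYS_write / SYS_read are the system call numbers that select the service. */
long raw_roundtrip(const char *msg, char *out, size_t outlen)
{
    int fds[2];
    if (pipe(fds) != 0) return -1;
    /* fd and length are passed by value; the buffer is passed by address. */
    long w = syscall(SYS_write, fds[1], msg, strlen(msg));
    /* Synchronous: execution resumes here only after the kernel is done. */
    long r = (w < 0) ? -1 : syscall(SYS_read, fds[0], out, outlen);
    close(fds[0]); close(fds[1]);
    return r;
}

/* Ask the kernel to copy 16 bytes from an unmapped user address.
 * Returns the errno the kernel reports (0 if the call unexpectedly succeeds). */
int errno_for_bad_address(void)
{
    int fds[2];
    if (pipe(fds) != 0) return -1;
    errno = 0;
    long w = syscall(SYS_write, fds[1], (const void *)1, (size_t)16);
    int err = (w == -1) ? errno : 0;
    close(fds[0]); close(fds[1]);
    return err;
}

/* Ask the kernel to write to a descriptor this process does not hold. */
int errno_for_bad_fd(void)
{
    errno = 0;
    return (syscall(SYS_write, -1, "x", (size_t)1) == -1) ? errno : 0;
}

int main(void)
{
    char buf[32] = {0};
    printf("roundtrip=%ld data=%.4s\n", raw_roundtrip("ping", buf, sizeof buf), buf);
    printf("bad address: %s\n", strerror(errno_for_bad_address()));
    printf("bad fd: %s\n", strerror(errno_for_bad_fd()));
    return 0;
}
```

The two failing calls show the kernel checking caller-supplied arguments at the boundary and returning an error to the process.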